Page 1360 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

compels an individual or organization to surrender evidence and then have the subpoena served by law enforcement. Again, this course of action provides sufficient notice for someone to alter the evidence and render it useless in court.

The last option is a search warrant. This option should be used only when you must have access to evidence without tipping off the evidence’s owner or other personnel. You must have a strong suspicion with credible reasoning to convince a judge to pursue this course of action.

The three alternatives apply to confiscating equipment both inside and outside an organization, but there is another step you can take to ensure that the confiscation of equipment that belongs to your organization is carried out properly. It is common to have all new employees sign an agreement that provides consent to search and seize any necessary evidence during an investigation. In this manner, consent is provided as a term of the employment agreement. This makes confiscation much easier and reduces the chances of a loss of evidence while waiting for legal permission to seize it. Make sure your security policy addresses this important topic.


Calling in Law Enforcement

One of the first decisions that must be made in an investigation is whether law enforcement authorities should be called in. This is a relatively complicated decision that should involve senior management officials. There are many factors in favor of calling in the experts. For example, the Federal Bureau of Investigation (FBI) runs a nationwide Cyber Division that serves as a center of excellence for the investigation of cybercrimes. Additionally, local FBI field offices now have agents who are specifically trained to handle cybercrime investigations. These agents investigate federal offenses in their region and may also consult with local law enforcement, upon request. The United States (U.S.) Secret Service has similarly skilled staff in their headquarters and field offices.

On the other hand, two major factors may cause a company to shy away from calling in the authorities. First, the investigation will more